the big openssl fix. hope everything still works.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1992 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
parent
d2442fe48d
commit
e8e1fad724
275
configure.in
275
configure.in
|
@ -227,49 +227,77 @@ AC_CACHE_CHECK([for flex directory], ac_cv_flexdir, [
|
||||||
ac_cv_flexdir=$flexdir
|
ac_cv_flexdir=$flexdir
|
||||||
])
|
])
|
||||||
|
|
||||||
dnl The big mess with OpenSSL
|
|
||||||
AC_ARG_WITH(openssl,
|
|
||||||
[ --with-openssl=PATH use OpenSSL in PATH],
|
|
||||||
[tryssldir=$withval])
|
|
||||||
|
|
||||||
SSL_MSG="no"
|
dnl The big mess with OpenSSL
|
||||||
ENGINE_MSG="no"
|
|
||||||
saved_LIBS="$LIBS"
|
saved_LIBS="$LIBS"
|
||||||
saved_LDFLAGS="$LDFLAGS"
|
saved_LDFLAGS="$LDFLAGS"
|
||||||
saved_CPPFLAGS="$CPPFLAGS"
|
saved_CPPFLAGS="$CPPFLAGS"
|
||||||
AC_SUBST(LIBCRYPTO)
|
|
||||||
AC_SUBST(ENGINE_LINK)
|
|
||||||
AC_CACHE_CHECK([for OpenSSL directory], ac_cv_openssldir, [
|
|
||||||
if test "x$tryssldir" = "x" ; then
|
|
||||||
tryssldir="$trycommondir /usr /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl"
|
|
||||||
fi
|
|
||||||
|
|
||||||
for ssldir in $tryssldir ; do
|
SSL_MSG="no"
|
||||||
# Skip empty variables
|
ssldir=""
|
||||||
if test -z "$ssldir"; then
|
|
||||||
continue;
|
AC_ARG_WITH(openssl,
|
||||||
fi
|
[ --with-openssl=PATH use OpenSSL in PATH],
|
||||||
|
[
|
||||||
# Disable OpenSSL support
|
# Disable OpenSSL support
|
||||||
if test "x$ssldir" = "xno" ; then
|
if test "x$withval" = "xno" ; then
|
||||||
SSL_MSG="no (disabled)"
|
SSL_MSG="no (disabled)"
|
||||||
ENGINE_MSG="no (disabled)"
|
|
||||||
break;
|
break;
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# ok we got a directory, so only check in that dir.
|
||||||
|
LIBCRYPTO="-lcrypto"
|
||||||
|
CPPFLAGS="$saved_CPPFLAGS"
|
||||||
|
LDFLAGS="$saved_LDFLAGS"
|
||||||
|
LIBS="$saved_LIBS $LIBCRYPTO"
|
||||||
|
LDFLAGS="-L$ssldir/lib $saved_LDFLAGS"
|
||||||
|
if test ! -z "$need_dash_r" ; then
|
||||||
|
LDFLAGS="-R$ssldir/lib $LDFLAGS"
|
||||||
|
fi
|
||||||
|
CPPFLAGS="-I$ssldir/include $saved_CPPFLAGS"
|
||||||
|
|
||||||
|
AC_TRY_RUN(
|
||||||
|
[
|
||||||
|
#include <string.h>
|
||||||
|
#include <openssl/rand.h>
|
||||||
|
int main(void)
|
||||||
|
{
|
||||||
|
char a[2048];
|
||||||
|
memset(a, 0, sizeof(a));
|
||||||
|
RAND_add(a, sizeof(a), sizeof(a));
|
||||||
|
return(RAND_status() <= 0);
|
||||||
|
}
|
||||||
|
],
|
||||||
|
[
|
||||||
|
SSL_MSG="yes"
|
||||||
|
ssldir="$withval"
|
||||||
|
LIBS="$saved_LIBS"
|
||||||
|
LDFLAGS="$saved_LDFLAGS"
|
||||||
|
CPPFLAGS="$saved_CPPFLAGS"
|
||||||
|
break
|
||||||
|
])
|
||||||
|
] , [
|
||||||
|
|
||||||
|
# we didn't get a directory, so we start searching for openssl.
|
||||||
|
|
||||||
|
for tryssldir in /usr /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl; do
|
||||||
|
|
||||||
# Skip directories if they don't exist
|
# Skip directories if they don't exist
|
||||||
if test ! -d "$ssldir/" ; then
|
if test ! -d "$tryssldir/" ; then
|
||||||
continue;
|
continue;
|
||||||
fi
|
fi
|
||||||
|
|
||||||
LIBCRYPTO="-lcrypto"
|
LIBCRYPTO="-lcrypto"
|
||||||
CPPFLAGS="$saved_CPPFLAGS"
|
CPPFLAGS="$saved_CPPFLAGS"
|
||||||
LDFLAGS="$saved_LDFLAGS"
|
LDFLAGS="$saved_LDFLAGS"
|
||||||
LIBS="$saved_LIBS $LIBCRYPTO"
|
LIBS="$saved_LIBS $LIBCRYPTO"
|
||||||
|
|
||||||
if test "x$ssldir" != "x/usr"; then
|
if test "x$tryssldir" != "x/usr"; then
|
||||||
LDFLAGS="-L$ssldir/lib $saved_LDFLAGS"
|
LDFLAGS="-L$tryssldir/lib $saved_LDFLAGS"
|
||||||
if test ! -z "$need_dash_r" ; then
|
if test ! -z "$need_dash_r" ; then
|
||||||
LDFLAGS="-R$ssldir/lib $LDFLAGS"
|
LDFLAGS="-R$tryssldir/lib $LDFLAGS"
|
||||||
fi
|
fi
|
||||||
CPPFLAGS="-I$ssldir/include $saved_CPPFLAGS"
|
CPPFLAGS="-I$tryssldir/include $saved_CPPFLAGS"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Basic test to check for compatible version and correct linking
|
# Basic test to check for compatible version and correct linking
|
||||||
|
@ -288,18 +316,74 @@ int main(void)
|
||||||
],
|
],
|
||||||
[
|
[
|
||||||
SSL_MSG="yes"
|
SSL_MSG="yes"
|
||||||
], []
|
ssldir=$tryssldir
|
||||||
|
break;
|
||||||
|
],
|
||||||
|
[
|
||||||
|
SSL_MSG="no"
|
||||||
|
LIBS="$saved_LIBS"
|
||||||
|
LDFLAGS="$saved_LDFLAGS"
|
||||||
|
CPPFLAGS="$saved_CPPFLAGS"
|
||||||
|
]
|
||||||
)
|
)
|
||||||
|
done
|
||||||
|
])
|
||||||
|
LIBS="$saved_LIBS"
|
||||||
|
AC_SUBST(LIBCRYPTO)
|
||||||
|
AM_CONDITIONAL(HAVE_SSL, test "x$SSL_MSG" = "xyes")
|
||||||
|
|
||||||
if test "x$SSL_MSG" != "xyes"
|
# ok, we checked for basic ssl support.
|
||||||
then
|
# if it is not available, we can skip the rest of
|
||||||
continue
|
# the test. also we have $ssldir set to the location
|
||||||
fi
|
# of the openssl libs.
|
||||||
|
|
||||||
# latest openssl version with engine
|
ENGINE_MSG="no"
|
||||||
# properly integrated?
|
if [ "x$SSL_MSG" = "xyes" ]
|
||||||
AC_MSG_CHECKING([for openssl version])
|
then
|
||||||
AC_TRY_RUN(
|
# engine has to be there and working
|
||||||
|
LIBS="$saved_LIBS $LIBCRYPTO $LIBDL"
|
||||||
|
AC_TRY_RUN(
|
||||||
|
[
|
||||||
|
#include <string.h>
|
||||||
|
#include <openssl/opensslv.h>
|
||||||
|
#include <openssl/engine.h>
|
||||||
|
#include <openssl/rand.h>
|
||||||
|
int main(void)
|
||||||
|
{
|
||||||
|
char a[2048];
|
||||||
|
ENGINE *e;
|
||||||
|
|
||||||
|
e = ENGINE_new();
|
||||||
|
ENGINE_load_dynamic();
|
||||||
|
if (!e) return 1;
|
||||||
|
memset(a, 0, sizeof(a));
|
||||||
|
RAND_add(a, sizeof(a), sizeof(a));
|
||||||
|
return(RAND_status() <= 0);
|
||||||
|
}
|
||||||
|
],
|
||||||
|
[
|
||||||
|
ENGINE_MSG=yes
|
||||||
|
ENGINE_LINK="$LIBCRYPTO"
|
||||||
|
], [
|
||||||
|
ENGINE_MSG=no
|
||||||
|
]);
|
||||||
|
fi
|
||||||
|
LIBS="$saved_LIBS"
|
||||||
|
AC_SUBST(ENGINE_LINK)
|
||||||
|
AM_CONDITIONAL(HAVE_ENGINE, test "x$ENGINE_MSG" = "xyes")
|
||||||
|
|
||||||
|
# ok, now we might (or not) have ssl and an engine.
|
||||||
|
# still room for "improvements", i.e. hacks to work
|
||||||
|
# with old engines.
|
||||||
|
|
||||||
|
SSLHACK_MSG=no
|
||||||
|
|
||||||
|
if [ "x$SSL_MSG" = "xyes" -a "x$ENGINE_MSG" = "xyes" ]
|
||||||
|
then
|
||||||
|
# latest openssl version with engine
|
||||||
|
# properly integrated?
|
||||||
|
AC_MSG_CHECKING([for openssl version])
|
||||||
|
AC_TRY_RUN(
|
||||||
[
|
[
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
@ -314,58 +398,24 @@ int main(void)
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
[
|
[
|
||||||
AC_MSG_RESULT([good, 0.9.7d or later])
|
AC_MSG_RESULT([good, 0.9.7d or later])
|
||||||
GOOD_OPENSSL=yes
|
OLD_OPENSSL=no
|
||||||
],
|
],
|
||||||
[
|
[
|
||||||
AC_MSG_RESULT([not so good, 0.9.7d or later would be better])
|
AC_MSG_RESULT([not so good, 0.9.7d or later would be better])
|
||||||
GOOD_OPENSSL=no
|
OLD_OPENSSL=yes
|
||||||
]
|
])
|
||||||
)
|
|
||||||
|
|
||||||
if test "x$GOOD_OPENSSL" == "xyes"
|
if test "x$OLD_OPENSSL" == "xyes"
|
||||||
then
|
then
|
||||||
# engine has to be there and working
|
# openssl found, but version less than 0.9.7d
|
||||||
LIBS="$saved_LIBS $LIBCRYPTO $LIBDL"
|
|
||||||
AC_TRY_RUN(
|
|
||||||
[
|
|
||||||
#include <string.h>
|
|
||||||
#include <openssl/opensslv.h>
|
|
||||||
#include <openssl/engine.h>
|
|
||||||
#include <openssl/rand.h>
|
|
||||||
int main(void)
|
|
||||||
{
|
|
||||||
char a[2048];
|
|
||||||
ENGINE *e;
|
|
||||||
|
|
||||||
e = ENGINE_new();
|
# linking libcrypto.a staticaly possible?
|
||||||
ENGINE_load_dynamic();
|
|
||||||
if (!e) return 1;
|
|
||||||
memset(a, 0, sizeof(a));
|
|
||||||
RAND_add(a, sizeof(a), sizeof(a));
|
|
||||||
return(RAND_status() <= 0);
|
|
||||||
}
|
|
||||||
],
|
|
||||||
[
|
|
||||||
ENGINE_MSG=yes
|
|
||||||
ENGINE_LINK="$LIBCRYPTO"
|
|
||||||
], [
|
|
||||||
# should never happen,
|
|
||||||
# every 0.9.7* version has engine
|
|
||||||
# support integrated, it can't
|
|
||||||
# be missing.
|
|
||||||
AC_MSG_ERROR([OpenSSL support broken: openssl >= 0.9.7d without engine detected.])
|
|
||||||
])
|
|
||||||
break;
|
|
||||||
else
|
|
||||||
# openssl found, but version less than 0.9.7d
|
|
||||||
|
|
||||||
# openssl with engine support?
|
LIBS="$saved_LIBS $ssldir/lib/libcrypto.a $LIBDL"
|
||||||
LIBCRYPTOA="$ssldir/lib/libcrypto.a $LIBDL"
|
AC_TRY_RUN(
|
||||||
LIBS="$saved_LIBS $LIBCRYPTOA"
|
|
||||||
AC_TRY_RUN(
|
|
||||||
[
|
[
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <openssl/opensslv.h>
|
#include <openssl/opensslv.h>
|
||||||
|
@ -383,50 +433,25 @@ int main(void)
|
||||||
RAND_add(a, sizeof(a), sizeof(a));
|
RAND_add(a, sizeof(a), sizeof(a));
|
||||||
return(RAND_status() <= 0);
|
return(RAND_status() <= 0);
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
[
|
[
|
||||||
ENGINE_MSG=yes
|
SSLHACK_MSG=yes
|
||||||
ENGINE_LINK="$LIBCRYPTOA"
|
ENGINE_LINK="$ssldir/lib/libcrypto.a"
|
||||||
], []
|
], []
|
||||||
)
|
)
|
||||||
break;
|
|
||||||
fi
|
|
||||||
|
|
||||||
done
|
|
||||||
|
|
||||||
if test "x$SSL_MSG" = "xyes" ; then
|
|
||||||
ac_cv_openssldir="$ssldir"
|
|
||||||
else
|
|
||||||
ac_cv_openssldir="no"
|
|
||||||
fi
|
fi
|
||||||
], [SSL_MSG=yes])
|
|
||||||
CPPFLAGS="$saved_CPPFLAGS"
|
|
||||||
LDFLAGS="$saved_LDFLAGS"
|
|
||||||
LIBS="$saved_LIBS"
|
|
||||||
|
|
||||||
if test "x$SSL_MSG" = "xyes" ; then
|
|
||||||
AC_DEFINE(HAVE_OPENSSL, 1, [Have OpenSSL libraries])
|
|
||||||
if test "x$ac_cv_openssldir" != "x/usr"; then
|
|
||||||
LDFLAGS="-L$ac_cv_openssldir/lib $LDFLAGS"
|
|
||||||
if test ! -z "$need_dash_r" ; then
|
|
||||||
LDFLAGS="-R$ac_cv_openssldir/lib $LDFLAGS"
|
|
||||||
fi
|
|
||||||
CPPFLAGS="-I$ac_cv_openssldir/include $saved_CPPFLAGS"
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
LIBCRYPTO=""
|
|
||||||
LIBCRYPTOA=""
|
|
||||||
ENGINE_LINK=""
|
|
||||||
fi
|
fi
|
||||||
AM_CONDITIONAL(HAVE_SSL, test "x$SSL_MSG" = "xyes")
|
AM_CONDITIONAL(HAVE_SSLHACK, test "x$SSLHACK_MSG" = "xyes")
|
||||||
AM_CONDITIONAL(HAVE_ENGINE, test "x$ENGINE_MSG" = "xyes")
|
|
||||||
|
|
||||||
AC_SUBST(OPENSSL_LDFLAGS)
|
# now - last part to do: check if we gain anything from
|
||||||
|
# funny parameters to link openssl with.
|
||||||
|
|
||||||
|
saved_LDFLAGS="$LDFLAGS"
|
||||||
if test "x$ENGINE_MSG" = "xyes" ; then
|
if test "x$ENGINE_MSG" = "xyes" ; then
|
||||||
for openssl_ldflag in "-Wl,-Bsymbolic" "-G -Wl,-Bsymbolic" "-shared -G -Wl,-Bsymbolic" "-Wl,-all_load"; do
|
for openssl_ldflag in "-Wl,-Bsymbolic" "-G -Wl,-Bsymbolic" "-shared -G -Wl,-Bsymbolic" "-Wl,-all_load"; do
|
||||||
AC_MSG_CHECKING([whether we can use $openssl_ldflag])
|
AC_MSG_CHECKING([whether we can use $openssl_ldflag])
|
||||||
saved_CFLAGS=$CFLAGS
|
saved_CFLAGS=$CFLAGS
|
||||||
CFLAGS="$CFLAGS $openssl_ldflag"
|
LDFLAGS="$saved_LDFLAGS $openssl_ldflag"
|
||||||
AC_TRY_LINK(,[return 1],ac_cv_use_openssl_flag="yes",ac_cv_use_openssl_flag="no")
|
AC_TRY_LINK(,[return 1],ac_cv_use_openssl_flag="yes",ac_cv_use_openssl_flag="no")
|
||||||
CFLAGS=$saved_CFLAGS
|
CFLAGS=$saved_CFLAGS
|
||||||
AC_MSG_RESULT($ac_cv_use_openssl_flag)
|
AC_MSG_RESULT($ac_cv_use_openssl_flag)
|
||||||
|
@ -436,6 +461,8 @@ if test "x$ENGINE_MSG" = "xyes" ; then
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
fi
|
fi
|
||||||
|
LDFLAGS="$saved_LDFLAGS"
|
||||||
|
AC_SUBST(OPENSSL_LDFLAGS)
|
||||||
|
|
||||||
AC_ARG_WITH(pam-dir,
|
AC_ARG_WITH(pam-dir,
|
||||||
[ --with-pam-dir=PATH Specify path for PAM installation libraries],
|
[ --with-pam-dir=PATH Specify path for PAM installation libraries],
|
||||||
|
@ -615,16 +642,23 @@ else
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if test "x$PCSC_MSG" = "xyes"; then
|
if test "x$PCSC_MSG" = "xyes"; then
|
||||||
|
CPPFLAGS="${PCSC_CFLAGS} $saved_CPPFLAGS"
|
||||||
CFLAGS="$PCSC_CFLAGS $saved_CFLAGS"
|
CFLAGS="$PCSC_CFLAGS $saved_CFLAGS"
|
||||||
LIBS="$PCSC_LIBS $saved_LIBS"
|
LIBS="$PCSC_LIBS $saved_LIBS"
|
||||||
AC_TRY_LINK([
|
AC_TRY_LINK([
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
|
#ifdef __APPLE__
|
||||||
|
#include <PCSC/wintypes.h>
|
||||||
|
#include <PCSC/winscard.h>
|
||||||
|
#else
|
||||||
#include <winscard.h>
|
#include <winscard.h>
|
||||||
|
#endif
|
||||||
], [
|
], [
|
||||||
SCardControl(NULL, NULL, 0, NULL, 0);
|
SCardControl(NULL, NULL, 0, NULL, NULL);
|
||||||
], [
|
], [
|
||||||
AC_DEFINE(HAVE_PCSC_OLD, 1, [old version of pc/sc-lite])
|
AC_DEFINE(HAVE_PCSC_OLD, 1, [old version of pc/sc-lite])
|
||||||
])
|
])
|
||||||
|
CPPFLAGS="$saved_CPPFLAGS"
|
||||||
CFLAGS="$saved_CFLAGS"
|
CFLAGS="$saved_CFLAGS"
|
||||||
LIBS="$saved_LIBS"
|
LIBS="$saved_LIBS"
|
||||||
fi
|
fi
|
||||||
|
@ -1008,6 +1042,7 @@ echo ""
|
||||||
echo "Random number collection: ${RAND_MSG}"
|
echo "Random number collection: ${RAND_MSG}"
|
||||||
echo "OpenSSL support: ${SSL_MSG}"
|
echo "OpenSSL support: ${SSL_MSG}"
|
||||||
echo " with engine: ${ENGINE_MSG}"
|
echo " with engine: ${ENGINE_MSG}"
|
||||||
|
echo " with sslhack: ${SSLHACK_MSG}"
|
||||||
echo "PC/SC support: ${PCSC_MSG}"
|
echo "PC/SC support: ${PCSC_MSG}"
|
||||||
echo "OpenCT support: ${OPENCT_MSG}"
|
echo "OpenCT support: ${OPENCT_MSG}"
|
||||||
echo "Assuan support: ${ASSUAN_MSG}"
|
echo "Assuan support: ${ASSUAN_MSG}"
|
||||||
|
|
Loading…
Reference in New Issue